package com.bjlytr.license.client.core;

import com.bjlytr.license.client.entity.LicenseCheckModel;
import com.bjlytr.license.client.info.AbstractServerInfos;
import com.bjlytr.license.client.info.LinuxServerInfos;
import com.bjlytr.license.client.info.WindowsServerInfos;
import de.schlichtherle.license.*;
import de.schlichtherle.xml.GenericCertificate;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;

import java.beans.XMLDecoder;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.UnsupportedEncodingException;
import java.util.Date;
import java.util.List;

/**
 * @author Ledison
 * @date 2021/9/16
 */

@Slf4j
public class CustomLicenseManager extends LicenseManager {

    /**
     * XML编码
     */
    private static final String XML_CHARSET = "UTF-8";
    /**
     * 默认 buf size
     */
    private static final int DEFAULT_BUFSIZE = 8 * 1024;

    public CustomLicenseManager() {
    }

    public CustomLicenseManager(LicenseParam param) {
        super(param);
    }

    /**
     * 复写create方法
     */
    @Override
    protected synchronized byte[] create(LicenseContent content, LicenseNotary notary) throws Exception {
        initialize(content);
        this.validateCreate(content);
        final GenericCertificate certificate = notary.sign(content);
        return getPrivacyGuard().cert2key(certificate);
    }

    /**
     * 复写install方法，其中validate方法调用本类中的validate方法，校验IP地址、Mac地址等其他信息
     */
    @Override
    protected synchronized LicenseContent install(final byte[] key, final LicenseNotary notary) throws Exception {
        final GenericCertificate certificate = getPrivacyGuard().key2cert(key);
        notary.verify(certificate);
        final LicenseContent content = (LicenseContent) this.load(certificate.getEncoded());
        this.validate(content);
        setLicenseKey(key);
        setCertificate(certificate);
        return content;
    }

    /**
     * 复写verify方法，调用本类中的validate方法，校验IP地址、Mac地址等其他信息
     */
    @Override
    protected synchronized LicenseContent verify(final LicenseNotary notary) throws Exception {
        GenericCertificate certificate = getCertificate();
        // Load license key from preferences,
        final byte[] key = getLicenseKey();
        if (null == key) {
            throw new NoLicenseInstalledException(getLicenseParam().getSubject());
        }
        certificate = getPrivacyGuard().key2cert(key);
        notary.verify(certificate);
        final LicenseContent content = (LicenseContent) this.load(certificate.getEncoded());
        this.validate(content);
        setCertificate(certificate);
        return content;
    }

    /**
     * 校验生成证书的参数信息
     */
    protected synchronized void validateCreate(final LicenseContent content) throws LicenseContentException {
        final LicenseParam param = getLicenseParam();
        final Date now = new Date();
        final Date notBefore = content.getNotBefore();
        final Date notAfter = content.getNotAfter();
        if (null != notAfter && now.after(notAfter)) {
            throw new LicenseContentException("证书失效时间不能早于当前时间");
        }
        if (null != notBefore && null != notAfter && notAfter.before(notBefore)) {
            throw new LicenseContentException("证书生效时间不能晚于证书失效时间");
        }
        final String consumerType = content.getConsumerType();
        if (null == consumerType) {
            throw new LicenseContentException("用户类型不能为空");
        }
    }

    /**
     * 复写validate方法，增加IP地址、Mac地址等其他信息校验
     */
    @Override
    protected synchronized void validate(final LicenseContent content) throws LicenseContentException {
        try {
            //1. 首先调用父类的validate方法
            super.validate(content);
            //2. 然后校验自定义的License参数
            //License中可被允许的参数信息
            LicenseCheckModel expectedCheckModel = (LicenseCheckModel) content.getExtra();
            if(!content.getInfo().equals("Ledison")){
                throw new LicenseContentException("info信息错误");
            }
            //当前服务器真实的参数信息
            LicenseCheckModel serverCheckModel = getServerInfos(false);
            if (expectedCheckModel != null && serverCheckModel != null) {
                if (expectedCheckModel.isCheckHardware()) {
                    log.info("【开始校验硬件参数】");
                    // 需要验证硬件
                    //校验主板序列号
//                    if (!checkSerial(expectedCheckModel.getMainBoardSerial(), serverCheckModel.getMainBoardSerial())) {
//                      throw new LicenseContentException("当前服务器的主板序列号没在授权范围内");
//                    }
                    //校验IP地址
//                if (!checkIpAddress(expectedCheckModel.getIpAddress(), serverCheckModel.getIpAddress())) {
//                    throw new LicenseContentException("当前服务器的IP没在授权范围内");
//                }
                    //校验Mac地址
                    if (!checkIpAddress(expectedCheckModel.getMacAddress(), serverCheckModel.getMacAddress())) {
                        throw new LicenseContentException("当前服务器的Mac地址不在授权范围内");
                    }
                    //校验CPU序列号
//                    if (!checkSerial(expectedCheckModel.getCpuSerial(), serverCheckModel.getCpuSerial())) {
//                      throw new LicenseContentException("当前服务器的CPU序列号没在授权范围内");
//                    }
                }else{
                    log.info("【跳过校验硬件参数检查】");
                }
            } else {
                throw new LicenseContentException("不能获取服务器硬件信息");
            }
        } catch (LicenseContentException e) {
            String detail = e.getLocalizedMessage();
            if (detail.equals("License Certificate has expired!")) {
                throw new LicenseContentException("证书认证过期，请联系管理员授权！");
            }
            throw new LicenseContentException(e.getMessage());
        }
    }

    /**
     * 重写XMLDecoder解析XML
     */
    private Object load(String encoded) {
        BufferedInputStream inputStream = null;
        XMLDecoder decoder = null;
        try {
            // 替换自定义license参数类：以客户端定义的LicenseCheckModel，替换xml中服务端的LicenseCheckModel路径
            String clazzName = LicenseCheckModel.class.getName();
            encoded = encoded.replace("cn.test.license.LicenseCheckModel", clazzName);
            inputStream = new BufferedInputStream(new ByteArrayInputStream(encoded.getBytes(XML_CHARSET)));
            decoder = new XMLDecoder(new BufferedInputStream(inputStream, DEFAULT_BUFSIZE), null, null);
            return decoder.readObject();
        } catch (UnsupportedEncodingException e) {
            log.error("解析XML异常", e);
        } finally {
            try {
                if (decoder != null) {
                    decoder.close();
                }
                if (inputStream != null) {
                    inputStream.close();
                }
            } catch (Exception e) {
                log.error("XMLDecoder解析XML失败", e);
            }
        }
        return null;
    }

    /**
     * 获取当前服务器需要额外校验的License参数
     */
    protected LicenseCheckModel getServerInfos(boolean isFirst) {
        //操作系统类型
        String osName = System.getProperty("os.name").toLowerCase();
        AbstractServerInfos abstractServerInfos;
        //根据不同操作系统类型选择不同的数据获取方法
        if (osName.startsWith("windows")) {
            abstractServerInfos = new WindowsServerInfos();
        } else if (osName.startsWith("linux")) {
            abstractServerInfos = new LinuxServerInfos();
        } else {
            //其他服务器类型
            abstractServerInfos = new LinuxServerInfos();
        }
        return abstractServerInfos.getServerInfos(isFirst);
    }

    /**
     * 校验当前服务器的IP/Mac地址是否在可被允许的IP范围内
     * <br/>
     * 如果存在IP在可被允许的IP/Mac地址范围内，则返回true
     */
    private boolean checkIpAddress(List<String> expectedList, List<String> serverList) {
        if (expectedList != null && expectedList.size() > 0) {
            if (serverList != null && serverList.size() > 0) {
                for (String expected : expectedList) {
                    if (serverList.contains(expected.trim())) {
                        return true;
                    }
                }
            }
            return false;
        } else {
            return true;
        }
    }

    /**
     * 校验当前服务器硬件（主板、CPU等）序列号是否在可允许范围内
     */
    private boolean checkSerial(String expectedSerial, String serverSerial) {
        if (StringUtils.isNotBlank(expectedSerial)) {
            if (StringUtils.isNotBlank(serverSerial)) {
                return expectedSerial.equals(serverSerial);
            }
            return false;
        } else {
            return true;
        }
    }
}
